commit 19d84e0e723b6bc665fca38620ac332ea954d228 · aylac.top/nixcfg-own-knot

+12 -12

flake.lock

···

       73
       73
        
               "nixpkgs": "nixpkgs"

     

       74
       74
        
             },

     

       75
       75
        
             "locked": {

     

       76
       76
       -
               "lastModified": 1755732626,

     

       77
       77
       -
               "narHash": "sha256-qLAElW0E2QmcrKAbLPjFdueAOpjp3HmlxaOQf4R4jas=",

     

       76
       76
       +
               "lastModified": 1755797736,

     

       77
       77
       +
               "narHash": "sha256-+rbFE7UqEx5FPoGMzqSltGnf5j0iqJUx8bgjHMMc61I=",

     

       78
       78
        
               "owner": "9001",

     

       79
       79
        
               "repo": "copyparty",

     

       80
       80
       -
               "rev": "cd8771fa522d1cf645c3c7e0193f07b53d81559c",

     

       80
       80
       +
               "rev": "6c76614eb1e805b7837e4e9294b842b9db6c3d1f",

     

       81
       81
        
               "type": "github"

     

       82
       82
        
             },

     

       83
       83
        
             "original": {

     
···

       619
       619
        
               ]

     

       620
       620
        
             },

     

       621
       621
        
             "locked": {

     

       622
       622
       -
               "lastModified": 1755739851,

     

       623
       623
       -
               "narHash": "sha256-SC703bnPGOPWSEdZN2J2MkJWQBcUHV4QzuvFPdSVUME=",

     

       622
       622
       +
               "lastModified": 1755755322,

     

       623
       623
       +
               "narHash": "sha256-spCxkNihCk3uT3LUrUwzdEAjLA/E0EtEgF3KVI05nlM=",

     

       624
       624
        
               "owner": "nix-community",

     

       625
       625
        
               "repo": "home-manager",

     

       626
       626
       -
               "rev": "3c3510e61ca5c15a0f13d73c2232fa2d5478a86c",

     

       626
       626
       +
               "rev": "282b4c98de97da6667cb03de4f427371734bc39c",

     

       627
       627
        
               "type": "github"

     

       628
       628
        
             },

     

       629
       629
        
             "original": {

     
···

       744
       744
        
           },

     

       745
       745
        
           "nixpkgs-unstable": {

     

       746
       746
        
             "locked": {

     

       747
       747
       -
               "lastModified": 1755577059,

     

       748
       748
       -
               "narHash": "sha256-5hYhxIpco8xR+IpP3uU56+4+Bw7mf7EMyxS/HqUYHQY=",

     

       747
       747
       +
               "lastModified": 1755736253,

     

       748
       748
       +
               "narHash": "sha256-jlIQRypNhB1PcB1BE+expE4xZeJxzoAGr1iUbHQta8s=",

     

       749
       749
        
               "owner": "NixOS",

     

       750
       750
        
               "repo": "nixpkgs",

     

       751
       751
       -
               "rev": "97eb7ee0da337d385ab015a23e15022c865be75c",

     

       751
       751
       +
               "rev": "596312aae91421d6923f18cecce934a7d3bfd6b8",

     

       752
       752
        
               "type": "github"

     

       753
       753
        
             },

     

       754
       754
        
             "original": {

     
···

       812
       812
        
               "nixpkgs": "nixpkgs_4"

     

       813
       813
        
             },

     

       814
       814
        
             "locked": {

     

       815
       815
       -
               "lastModified": 1755729137,

     

       816
       816
       -
               "narHash": "sha256-eON36fTYYgAL1J/31FZfSyJzt+T9TFOn5p6P8ddyyqA=",

     

       815
       815
       +
               "lastModified": 1755797786,

     

       816
       816
       +
               "narHash": "sha256-+Qs6u9r2XwGjZGRHVbL1QV/3B4TZrE1ySdch9bHlMh0=",

     

       817
       817
        
               "owner": "nix-community",

     

       818
       818
        
               "repo": "NUR",

     

       819
       819
       -
               "rev": "c6508c49a36f20ea2d28920d1b5d55a48d072a4a",

     

       819
       819
       +
               "rev": "1b97ab0ba152bd2f4460a901cd7c44ebbacf7d6d",

     

       820
       820
        
               "type": "github"

     

       821
       821
        
             },

     

       822
       822
        
             "original": {

+4 -4

hosts/morgana/default.nix

···

       38
       38
        
               location = "/data/.swap";

     

       39
       39
        
             };

     

       40
       40
        
       

     

       41
       41
       -
             #autoUpgrade = {

     

       42
       42
       -
             #  enable = true;

     

       43
       43
       -
             #  operation = "switch";

     

       44
       44
       -
             #};

     

       41
       41
       +
             autoUpgrade = {

     

       42
       42
       +
               enable = true;

     

       43
       43
       +
               operation = "switch";

     

       44
       44
       +
             };

     

       45
       45
        
           };

     

       46
       46
        
           desktop.gnome.enable = true;

     

       47
       47
        
           services = {

+6

hosts/nanpi/glance.nix

···

       65
       65
        
                             icon = "di:jellyfin";

     

       66
       66
        
                           }

     

       67
       67
        
                           {

     

       68
       68
       +
                             title = "Jellyseerr";

     

       69
       69
       +
                             url = "https://${config.mySnippets.tailnet.networkMap.jellyseerr.vHost}/";

     

       70
       70
       +
                             check-url = "http://${config.mySnippets.tailnet.networkMap.jellyseerr.hostName}:${toString config.mySnippets.tailnet.networkMap.jellyseerr.port}/";

     

       71
       71
       +
                             icon = "di:jellyseerr";

     

       72
       72
       +
                           }

     

       73
       73
       +
                           {

     

       68
       74
        
                             title = "Sonarr";

     

       69
       75
        
                             url = "https://${config.mySnippets.tailnet.networkMap.sonarr.vHost}/";

     

       70
       76
        
                             check-url = "http://${config.mySnippets.tailnet.networkMap.sonarr.hostName}:${toString config.mySnippets.tailnet.networkMap.sonarr.port}/";

+15 -3

hosts/nanpi/services.nix

···

       143
       143
        
               extraConfig = ''

     

       144
       144
        
                 bind tailscale/copyparty

     

       145
       145
        
                 encode zstd gzip

     

       146
       146
       -
                 reverse_proxy ${config.mySnippets.tailnet.networkMap.copyparty.hostName}:${toString config.mySnippets.tailnet.networkMap.copyparty.port} {

     

       147
       147
       -
                   flush_interval -1

     

       148
       148
       -
                 }

     

       146
       146
       +
                 reverse_proxy ${config.mySnippets.tailnet.networkMap.copyparty.hostName}:${toString config.mySnippets.tailnet.networkMap.copyparty.port}

     

       149
       147
        
               '';

     

       150
       148
        
             };

     

       151
       149
        
       

     
···

       162
       160
        
                 bind tailscale/miniflux

     

       163
       161
        
                 encode zstd gzip

     

       164
       162
        
                 reverse_proxy ${config.mySnippets.tailnet.networkMap.miniflux.hostName}:${toString config.mySnippets.tailnet.networkMap.miniflux.port}

     

       163
       163
       +
               '';

     

       164
       164
       +
             };

     

       165
       165
       +
       

     

       166
       166
       +
             "${config.mySnippets.tailnet.networkMap.jellyseerr.vHost}" = {

     

       167
       167
       +
               extraConfig = ''

     

       168
       168
       +
                 bind tailscale/jellyseerr

     

       169
       169
       +
                 encode zstd gzip

     

       170
       170
       +
                 reverse_proxy ${config.mySnippets.tailnet.networkMap.jellyseerr.hostName}:${toString config.mySnippets.tailnet.networkMap.jellyseerr.port}

     

       165
       171
        
               '';

     

       166
       172
        
             };

     

       167
       173
        
           };

     
···

       282
       288
        
                 "everyone:message-to-ayla:wo"

     

       283
       289
        
               ];

     

       284
       290
        
             };

     

       291
       291
       +
           };

     

       292
       292
       +
       

     

       293
       293
       +
           jellyseerr = {

     

       294
       294
       +
             enable = true;

     

       295
       295
       +
             inherit (config.mySnippets.tailnet.networkMap.jellyseerr) port;

     

       296
       296
       +
             openFirewall = true;

     

       285
       297
        
           };

     

       286
       298
        
       

     

       287
       299
        
           copyparty = {

+6

modules/snippets/tailnet/default.nix

···

       116
       116
        
                 port = 6540;

     

       117
       117
        
                 vHost = "miniflux.${config.mySnippets.tailnet.name}";

     

       118
       118
        
               };

     

       119
       119
       +
       

     

       120
       120
       +
               jellyseerr = {

     

       121
       121
       +
                 hostName = "nanpi";

     

       122
       122
       +
                 port = 5055;

     

       123
       123
       +
                 vHost = "jellyseerr.${config.mySnippets.tailnet.name}";

     

       124
       124
       +
               };

     

       119
       125
        
             };

     

       120
       126
        
           };

     

       121
       127
        
         };

+6 -2

modules/users/ayla/default.nix

···

       14
       14
        
       

     

       15
       15
        
             openssh.authorizedKeys.keyFiles =

     

       16
       16
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

     

       17
       17
       -
               (lib.filter (file: (lib.hasPrefix "ayla_" file) || (lib.hasPrefix "root_morgana" file))

     

       18
       18
       -
                 (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       17
       17
       +
               # right now this config is fine but if i ever get another machine i daily drive or a build server i need to do something else here

     

       18
       18
       +
               (lib.filter (file:

     

       19
       19
       +
                 if config.networking.hostName == "morgana"

     

       20
       20
       +
                 then "ayla_m23.pub" == file

     

       21
       21
       +
                 else (lib.elem file ["ayla_morgana.pub" "ayla_23.pub"]))

     

       22
       22
       +
               (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       19
       23
        
       

     

       20
       24
        
             uid = 1000;

     

       21
       25
        
             shell = pkgs.fish;

+6 -2

modules/users/default.nix

···

       19
       19
        
       

     

       20
       20
        
             users.root.openssh.authorizedKeys.keyFiles =

     

       21
       21
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

     

       22
       22
       -
               (lib.filter (file: (lib.hasPrefix "ayla_" file) || (lib.hasPrefix "root_morgana" file))

     

       23
       23
       -
                 (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       22
       22
       +
               # right now this config is fine but if i ever get another machine i daily drive or a build server i need to do something else here

     

       23
       23
       +
               (lib.filter (file:

     

       24
       24
       +
                 if config.networking.hostName == "morgana"

     

       25
       25
       +
                 then "ayla_m23.pub" == file

     

       26
       26
       +
                 else (lib.elem file ["ayla_morgana.pub" "ayla_23.pub"]))

     

       27
       27
       +
               (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       24
       28
        
           };

     

       25
       29
        
         };

     

       26
       30
        
       }